Client
The client is a global technology company that produces and delivers infrastructure management solutions to companies across industrial sectors and throughout the automotive and communication industries.
Challenge
Development has been time-consuming for the client over the last few years.
First, the client has a wide range of infrastructure solutions that require regular tests, updates, and new releases once a quarter. It is a massive scope of work, not to mention the scale of the client's products. The fact that teams tasked with development are based in different locations also complicates the overall workflow. The digital experience team, whose duty is to support infrastructure for developers and clients, clearly needed help in optimizing and automating the CI/CD process.
The client expected a faster, automated, easy-to-maintain CI/CD workflow suitable for different projects. Following a successful collaboration with the client in the past, the Elinext team joined, adding three developers to the board.
About the Solution
The solution is a pipeline that contains a set of automated actions to run the development process.
These actions represent instruments to perform the following test jobs: build, deployment, scan, and integration.
The benefit of using a common pipeline is its flexibility — it can be applied to any project. Before this solution, developers had to create separate pipelines for each component, which resulted in duplicate code and inefficient use of working time.
Development teams can modify the pipeline according to their needs. For example, they can enrich an existing solution with new functionality. All that is needed is to add a few lines of code instead of creating a separate program.
Another feature available in the solution is the ability to skip certain build stages. It is a useful feature when a developer needs to only see scan results or to deploy certain branches regardless of the default setting.
The solution was created using Jenkins, an open-source automation server for building and deploying software. Overall, the project took five phases to be completed.
Phase 1 — Design. Gathering requirements and determining how end users will interact with the solution once it’s finalized.
Phase 2 — Scanning jobs. Creating three scan jobs to check components for their vulnerabilities:
- Blackduck — it identifies open-source components and scans them for compliance issues and risks
- Coverity — it detects security vulnerabilities in code written by Elinext developers
- Sonar — it analyzes the quality of source code
The scan jobs can run in parallel and do not affect the rest of the pipeline. The same scan jobs can be applied for different components, optimizing the time of developers. We tested them later by calling jobs from a variety of legacy pipelines to seek any defects like missing parameters or any misconfigurations.
Phase 3 — POC. Creating the first iteration of a common pipeline that would support multiple build types, primarily Java builds using either Maven or Gradle.
Phase 4 — Shared Library. Moving code to a centralized library creates an opportunity for development teams to trigger certain jobs from a pipeline instead of creating them from scratch all over again.
All changes that are done in the library are centralized there. This means that when a developer implements a fix to the shared library, the changes will apply to all components automatically. The functionality of the common pipeline was later expanded to support all build types.
Phase 5 — Feedback. Gathering client feedback and fixing any issues with our work on the pipeline.
Results
The project lasted over six months and brought satisfying results to the client — development time has been reduced by 40% from start to finish. Moreover, it leads to cost optimization, as there is less need to utilize hardware for the development process. The pipeline is a flexible tool that allows us to configure components faster and easier, while not affecting the quality or security measures.